Re: Roles with passwords; SET ROLE ... WITH PASSWORD ?
| От | Michael Gould |
|---|---|
| Тема | Re: Roles with passwords; SET ROLE ... WITH PASSWORD ? |
| Дата | |
| Msg-id | dd02968bc2c64d47b60f9d73cbf04fd9@intermodalsoftwaresolutions.net обсуждение исходный текст |
| Ответ на | Re: Roles with passwords; SET ROLE ... WITH PASSWORD ? (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Roles with passwords; SET ROLE ... WITH PASSWORD ?
|
| Список | pgsql-general |
One other topic that is related to this is that we now have a expire date but it would be nice to have a number of days also. This would make it easy to force the user to change their passwords every X days if internal security is being used instead of something like Kerberos or LDAP. Best Regards Michael Gould >Tom Lane" <tgl@sss.pgh.pa.us> wrote: > Craig Ringer <craig@postnewspapers.com.au> writes: >> Anyway ... I'm curious about whether `SET ROLE rolename WITH PASSWORD' >> is something that's technically practical to implement in PostgreSQL and >> what people think about the idea. > > Seems like it would have all the standard problems with cleartext > passwords being exposed in pg_stat_activity, system logs, etc. > Also, what about people who are using more-secure-than-password > auth methods, like Kerberos? > > I'm not really for it. > > regards, tom lane > > -- > Sent via pgsql-general mailing list (pgsql-general@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-general > -- Michael Gould, Managing Partner Intermodal Software Solutions, LLC 904.226.0978 904.592.5250 fax
В списке pgsql-general по дате отправления: